Monday, 19 December 2011

Windows 7 - Home Premium The Unlucky Few lacking GPE (Group Policies)

It's kind of interesting the other day. I was at a clients house and I was installing some new software on their machine. Evidently they had a virus and the result was they wanted me to completely re-install their operating system and lock it down.

The setup was pretty simple, however they wanted to enforce a password policy, the passwords must be 8 characters or longer, and contain a combination of base 10 (0-9) Upper and Lower Alphabet Characters and some funny ones (!@#% etc).

This would have been pretty simple if they had been running just about any other version of Windows 7, such as Professional, Ultimate etc..

Though they weren't and to my dismay they weren't able to use a simple Group Policy SNAP-IN to configure this template. As a result I had to go through MMC, and create a new Security Template and add these through an alternate means.

If you ever find that you are in the same boat it is quite easily rectifiable by performing these simple steps:

Howto Create a Security Policy in Windows 7 - Home Premium without the use of a Group Policy Editor!

1 -> Begin by clicking on the Start Button

2 -> Next in the search field at the very bottom where it says "Search Programs and Files" enter mmc, and hit .

3 -> This will bring up the Microsoft Management Console.

4 -> Next click on "New" and go to "Add/Remove Snap In"

**NOTE: if at this point you noticed the Local Users and Groups Snap In, this is where you would be notified that you aren't using the proper version of Windows**

5 -> From the list you will select "Security Configuration" and "Security Templates" and add them both, select OK and close that Window.

6 -> Next we are going to need to create a Security Template that we will associate with the Database we create later.

7 -> You will need to click on the MMC Console Root on the side on "Security Templates". You will then see the folder we are using to store Security Templates. If you right click on that folder you will be given the option to create a "New Template". Do this and name it and describe it, however you like.

8 -> With that out of the way you are going to see a plethora of options available to you, I won't go through individual items but under "Account Policies" is where you would setup password restrictions, expirations etc..

9 -> So with that out of the way you will need to configure the "Security Configuration and Analysis" Snap-In.

10 -> Simple right click on the title and choose "Open Database" Enter whichever name you want to call this database (testdb) and proceed. Next it will ask you for the Security Template you would like to use. This will be the security template you configured above. It is important to note that you will need to make sure you select, "CLEAR THIS DATABASE PERFORMING IMPORTING" you will see this just below the Open button.

11 -> With that out of the way you should have successfully opended the database and be able to apply these changes by right clicking the "Security Configuration and Analysis Page" and choosing, "Configure Computer Now" .

That is it!, Hopefully this hasn't been to confusing, or lacking clarity however questions and comments are always open Youtube to Channel by the end of the week, please check out, subscribe, comments, or even troll :)

Hi, Thanks, It worked, but I messed it up, now I cant log in, DOH!...Anyone know how I can reset things ? note: Ive got no restore points !I would have just repaired the OS with the installation disk, like you can with XP PRO, but it appears this lesser known & brilliant repair function has been removed... This is where XP does a reinstal/ repair, that keeps all installed programs & most settings, but usually taking the service pack & updates back to the original OS disk...

Ive just learned, this is called a: Non-destructive reinstall. A work through instruction can be found here: http://www.winhelp.us/non-destructive-reinstall-of-windows-7.htmlIve not tried it yet though! Good luck to me :)BTW folks, this lesser known fix on XP was the best & frankly the easiest for when all else fails, Ive used it many many times..

Followers

Blog Archive

About Me

I've always believed that information should be freely available. People that aren't willing to disclose information either have something to hide, or aren't being entirely honest. This is why user awareness is so important.